TWI311429B - System and method for signing electronic documents automatically - Google Patents

Description

1311429 k, invention description: [Technical field of invention] The present invention relates to an electronic document automatic signature system and method. [Prior Art] Under normal circumstances, 'electronic documents are printed on paper, and the word 'e-commerce process' has a low implementation rate, which is increased by paperwork. Li has developed corresponding electronic signature laws in various countries, and electronic signatures have the same legal effect. Electronic signatures make electricity = seemingly private, complete and non-repudiation, and can be applied to evidence that is effective. Π- reminder j electronic signature mainly should be closed (4) algorithm and public material code algorithm to encrypt and decrypt the electronic document, abstract calculus, SH), also called one-way hash algorithm, its role is ^ The variable length of the trough is transformed into a fixed length string or a bit string, m bits '(10) bits '256 bits or 512 bits, etc., purpose; ί shortens the length of the electronic signature document and improves the signature of the rate. Recording cryptographic algorithms (such as RSA, ECC, etc.), also called asymmetric cryptography, use different keys for encryption and decryption, and the two sides of the communication are privately recorded (public and private). Keep open to the other party. At the time of electronic signature, the sender signs with his own ππ a , m , ~ private key, and the recipient uses the sender's public key to verify. The credibility of the public key is ". ί 〇 , , , , 基础 基础 - - - - - - 需要 需要 需要 需要 需要 需要 需要 需要 CA CA CA CA CA CA CA CA CA CA CA CA CA CA CA CA CA CA CA CA The collective name of the public sign and related 7 1311429 issued by the authorized unit is the so-called digital certificate. The characteristic of the electronic signature is that it represents the characteristics of the document. If the document changes, the value of the electronic signature will also follow. When a change occurs, different documents get different digital signatures. In the transmission process, if a third person tampers with the text, but he does not know the sender's private key, the decrypted electronic signature and The calculated electronic signature must be different, which provides a safe way to break the identity of the sender. I The process of electronic signature is: the sender of the message generates a message digest (or hash) from the message text. Value), the sender encrypts the hash value with its own private key to form the sender's electronic signature; then, the electronic signature will be attached to the message The receiver and the message are sent to the receiver of the message. The receiver of the message first calculates the message digest (or hash value) from the received original message, and then uses the sender's public key to match the message. The additional electronic signature is decrypted, and if the two digests are the same, the recipient can confirm that the electronic signature is the sender. The team disclosed the Chinese patent in the first quarter of 2005, the application number is 〇3822〇34 2 The application 'discloses a method of generating and/or confirming an electronic signature' generates an asymmetric pair of passwords by this method, the pair of passwords including a private signature key and a public confirmation key. In addition, with a dedicated signature The key and the at least one electronic signature are calculated by using a pre-determinable signature function for the at least one electronic document, and then the calculated electronic signature is transmitted to the recipient together with the electronic document, and finally the recipient does not endure the electronic Signature. But the invention is to verify the identity of the signer by the other party after the electronic signature is generated, and the signer is not verified before the electronic signature 8 1311429 [Invention] In the above content, it is necessary to provide an electronic document automatic signature system, which can verify the identity of the shirt person before electronic signature, and effectively prevent the electronic signature from being forged. The invention provides an electronic signature automatic signature method, which can verify the identity of the signer before electronic signature, and effectively prevent the electronic signature from being forged. - An electronic document automatic signature system includes an application computer, a certificate server, a client computer and The application computer generated module described in the database 'secret money line electronic signature electronic (10), sends the signature field information to the client computer, notifies the user to perform an electronic signature operation; the verification module is used when the user confirms the electronic signature After the operation, the user's digital certificate is obtained from the database, and the certificate is used according to the digital certificate; the civilian student group 1 is in the good identity 4=2 into the electronic domain; the Jialong group, the secret _ The digest in the digital certificate is encrypted by the digest of the electronic spoof to obtain an electronic signature of the document. Yu Lei & electronic reading automatic signature method, including the following steps: generating good reading with knowledge/name, sending the signature client computer, and electronically signing through the data holder; the user is operating the electronic shirt; a digit certificate of the user; verifying the identity of the document according to the digital certificate; after the user identity verification is passed, generating a summary of the electronic; according to the private key in the digital certificate, the electronic document is 1311429 * m · The abstract is encrypted to obtain an electronic signature of the electronic document. Compared with the prior art, the electronic signature automatic signature system and method can automatically sign electronic document rights and verify the identity of the signer before electronic signature, thereby effectively preventing the electronic signature from being forged. [Embodiment] Referring to Figure 1, there is shown a hardware architecture diagram of a preferred embodiment of the electronic document automatic signature system of the present invention. The system mainly includes an application computer 10, a certificate server 20, a network 30, a plurality of client computers 40, and a database. The application computer is connected to the certificate server 2〇 and the client computer 40 via the network 3. The certificate server 20 is configured to generate a password pair (including a public transmission and a private key), and perform a digital certificate application for the user. Authentication, if the user's application passes, authorize the user a digital certificate. The digital certificate includes: a user's information, a public key, a private key, an expiration date, etc., wherein the public key is disclosed to the other party, and is used by the other party to verify their identity. In the invention, the public key is also used in the electronic The identity of the signer is verified before the document is electronically signed; the private key is strictly confidential and is used by the user to electronically sign the electronic document. When the electronic signature is made, the sender signs with his own private signature, and the recipient uses the sender's rifle to verify. The application computer 10 and the client computer 40 are provided with a signature system, wherein the signature system in the client computer 40 provides a signature entry operation of the client, and the signature system in the application computer 10 provides background operations. The application computer 10 is configured to generate an electronic document for electronic signature, verify the identity of the signer, generate a digest of the electronic document, and encrypt the electronic document to generate an electronic signature. 1311429, the certificate feeding device 2 is connected with a database 5, which stores a digital certificate. As described below, the electronic signature is automatically signed through the aforementioned electronic message slot. First, the application computer 10 generates an electronic signature for the electronic signature, and transmits the signature information to the client computer (9) via the network 30. After the user_ the signature notification, the signature to the signature is confirmed. Then, the application computer 1 obtains the digital certificate of the user from the database 5G of the second book feeder 20 through the network, and verifies the identity of the user based on the digital certificate. If the user's identity is verified, an electronic signature operation of the electronic document is performed. Referring to FIG. 2, it is a functional module of the application computer shown in FIG. 1. The application computer 10 includes a document generation module 101, a verification module 1〇2, a document summary generation module 1〇3, and an encryption module. group. _ /, medium read generation 1Q1 is used to generate an electronic signature to send signature information to the client computer 40 via the network 30 to notify the user of the electronic signature operation. The inspection group 1G2 is used to acquire the digit of the user from the database 50 of the certificate feeder 20 after the user confirms the electronic signature operation, and according to the number of the book, the user who has signed the signature line Identity yoga test sister. If the digital certificate contains the user information and the public and the validity period of the user is within the valid range, the user's identity verification is passed. The # π document summary generation module 103 is configured to summarize the summary of the electronic document based on the digest algorithm after the user identity verification is passed. 11 1311429 * The encryption module 104 is configured to encrypt the abstract of the electronic document according to the private key in the digital certificate to obtain an electronic signature of the electronic document. Referring to Figure 3, there is shown a flow chart of a preferred embodiment of the electronic document automatic signature method of the present invention. First, the document generation module 101 generates an electronic document for electronic signature, and transmits the signature information to the client computer 40 via the network 30 to notify the user of the electronic signature operation (step s4). After receiving the electronic signature notification, the user logs in to the signature system to confirm the electronic signature operation.

(^S401). Then, the verification module 1〇2 obtains the digital certificate of the user from the database 5 of the certificate server 20 via the network 3 (step S^)' according to the user's ##, public key, The validity period, etc., verifies the identity of the user (step S4〇3), and determines whether the identity of the user is legal (step S4〇4).

If the digital certificate contains the user information and the publicity of the user, and the summary policy is within the valid range, the user's identity verification is passed, and the document~~~ module converts the electronic document into a digest algorithm according to a digest algorithm. Generating a long word f or a bit 7 string 'generating a summary (step) of the electronic suffixing module 104 to add a sigma to the gamma of the name γ = the text based on the private input in the digital certificate Obtaining the electronic electronic document signing agency step S4 () 6). If the user's authentication fails, the user's digital operation is blocked and the process ends. For example, the automatic electronic document automatic signature system and method, although the preferred implementation of the art road such as _L U and turn (four) to determine the invention. The scope of protection of the present invention is defined by the scope of the appended patent application 12 1311429 y r, which is subject to change without departing from the spirit and scope of the present invention. BRIEF DESCRIPTION OF THE DRAWINGS Fig. 1 is a hardware structural diagram of a preferred embodiment of an electronic document automatic signature system of the present invention. 2 is a functional block diagram of the application computer shown in FIG. 1. Fig. 3 is a flow chart showing a preferred embodiment of the electronic document automatic signature method of the present invention. [Main component symbol description] Lu application computer 10 certificate server 20 network 30 client computer 40 database 50 document generation module 101 verification module 102 ^ document summary generation module 103 0 ' encryption module 104 13

Claims (1)

1311429 X. Patent application scope _ι. An electronic document automatic signature system, including an application computer, a certificate server, a client computer and a database, wherein the description should include: , f slot ^ module 1 in generating an electronic signature for electronic signature, sending a signature ^ The user is notified to the user computer to notify the user of the electronic signature operation; for obtaining the digital certificate of the user from the data f after the user confirms the electronic signature operation, and verifying the identity of the user according to the digital certificate; a group, configured to generate a summary of the electronic document after the user authentication is passed; the soil encryption module is configured to perform encryption according to the summary of the description slot in the digital box, to obtain the The private record of the electronic 2, such as the electronic signature of the patent application slot. The system, the micro-snap sub-domain automatic signature key, expiration date. Included: user information, public key, private 3. For example, the patented range flute system, wherein the electronic document verification automatic signature verification described in the verification module item includes: h digital certificate is valid for the user The book contains the user information of the user and the public account has been approved for verification at the valid role. 4. For example, in the application for the patent scope system ,, wherein the electronic document automatically converts the electronic document into an electronic document, and the electronic document is converted into a string or a bit according to the digest algorithm. String generated. 1311429 〆ψ "5 · - Electronic document automatic signature method, the method comprises the following steps: generating an electronic document for electronic signature, sending signature information to the client computer, notifying the user to perform an electronic signature operation; the user confirming the electronic signature Obtaining a digital certificate of the user from the database; verifying the identity of the user according to the digital certificate; generating a summary of the electronic document after the user authentication is passed; 'based on the private key pair in the digital certificate The abstract of the electronic document is encrypted to obtain an electronic signature of the electronic document. 6. The electronic document automatic signature method according to claim 5, wherein the digital certificate comprises: a user's information, a public key, a private number, and an expiration date. 7. The electronic document automatic signature method according to claim 6, wherein the step of verifying the identity of the user according to the digital certificate comprises: (if the digital certificate contains the user information and the public key of the user) And the validity period of the user is passed. The electronic document automatic signature method according to claim 5, wherein the electronic document is abstracted according to a digest algorithm The slot is transformed into a fixed length string or a bit string.